/**
 * 控制器
 * */
package org.zmhhxl.sample3.oauth2.a.controller;

import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import java.io.IOException;

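/**
 * Exposes endpoints that report whether the current request carries an
 * authenticated security context.
 */
@RestController
public class SessionCheckController {

   /**
    * Absolute URL that {@link #checkSessionIframe(HttpServletResponse)} redirects to.
    *
    * <p>The redirect target is a fixed constant, so no request data influences it.
    * Keep it that way: building it from a request parameter or header would turn
    * the endpoint into an open redirect.
    *
    * <p>NOTE(review): this is a plain-HTTP loopback address, which only works for
    * local development. A deployed instance should read the value from
    * configuration and use HTTPS. For a Keycloak-style IdP the target would look
    * like {@code https://your-idp.com/auth/realms/your-realm/check_session}.
    */
   private static final String IDP_CHECK_SESSION_URL = "http://127.0.0.1:9000/session-check";

   /**
    * Reports whether the caller is authenticated.
    *
    * @return {@code 200 "Authenticated"} when the security context holds a real,
    *         authenticated principal; {@code 401 "Not authenticated"} when it is
    *         empty, anonymous, or not authenticated
    */
   @GetMapping("/session-check")
   public ResponseEntity<String> checkSession() {
      Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
      // Spring Security's AnonymousAuthenticationToken reports isAuthenticated() == true,
      // so it has to be rejected explicitly. Without this, a request with no login
      // would get "Authenticated" whenever the route is reachable anonymously
      // (security configuration is not visible here -- confirm how this path is mapped).
      if (authentication == null
            || authentication instanceof AnonymousAuthenticationToken
            || !authentication.isAuthenticated()) {
         return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Not authenticated");
      }
      // Further checks can be added here if needed, e.g. inspecting session details.
      return ResponseEntity.ok("Authenticated");
   }

   /**
    * Redirects the caller to the identity provider's session-check endpoint.
    *
    * <p>NOTE(review): the path resembles the OpenID Connect Session Management
    * {@code check_session_iframe} endpoint. That endpoint normally serves an HTML
    * page that answers {@code postMessage} queries, whereas this handler only
    * redirects to a plain-text endpoint. Confirm that relying parties expect this.
    *
    * @param response servlet response used to send the redirect
    * @throws IOException if the redirect cannot be written to the response
    */
   @GetMapping("/oauth2/check_session_iframe.html")
   public void checkSessionIframe(HttpServletResponse response) throws IOException {
      response.sendRedirect(IDP_CHECK_SESSION_URL);
   }
}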
